Summary
PostgreSQL allows you to define single users and groups of users, both represented by the SQL concept of roles. When a database connection attempt is made, PostgreSQL processes the connection information through the host-based access control so that it can immediately establish or reject the connection, depending on firewall-like rules. If the connection can be established, the credentials for the role are checked, and at last, the user is granted access.
Users and groups can be fine-tuned in terms of their granted permissions and connection limitations so that you can decide how many resources a single role can consume.
In this chapter, you have seen how to create and manage roles, as well as how to allow single roles to connect to the cluster and to specific databases. In Chapter 10, Users, Roles, and Database Security, you will see how to deal with the security properties of users and groups, but before you proceed further, you need to know how PostgreSQL objects...
